Service Gateway 5.5.0.0.362 Release Notes

Service Gateway 5.5.0.0.362 is now available.

What's new in this release?

Vulnerability Fixes

• SGATEWAY-338 Security Vulnerability - Unauthenticated Deserialization Leads to Remote Code Execution (RCE)

Enhancements

• SGATEWAY-193 USP MQTT is now made as a configurable feature. The default configuration is set to be disabled.

Defects Resolved

• SGATEWAY-362 Filter option is not working for Templates. This issue is resolved in this release.
• SGATEWAY-336 The issue in the new UI where picking up a scroll bar high selects the window title instead of scrolling. This issue is resolved now.
• SGATEWAY-335 The issue related to the Jboss random login failure is resolved in this release.
• SGATEWAY-358 The issue introduced in the V5.4 release i.e Error 500 which appears when CSR is called from Inventory - Device, is resolved in this release.
• SGATEWAY-344 The issue in the new UI where RPC method is throwing an error is resolved in this release.

Upgrade Instructions

Note: Regular backups of the database and file systems should be performed prior to performing an upgrade.

This patch is packaged with a web-based installer to ease the upgrade process. The installer is used in the same way as during a new install.

It is necessary to run the installer on all servers that make up the Service Gateway installation. This is so that the installer can update, at minimum, patch level information on each server.

Prior to upgrading any server, the ACS servers must be shut down and all user interface and EAI activity must cease.

Perform the upgrades to the Application Servers and Database Schema first. When patching a clustered environment, the Admin server must be patched before any managed servers are patched. Servers must be running before the patch process can be started. Ensure that there is only one ear file in the destination directory. For Weblogic ensure that configuration is not locked.

Once the application servers and database schema have been successfully upgraded, proceed with the upgrade of each ACS server. The ACS upgrade will automatically restart the ACS.

The steps to upgrade each server are as follows:

1. Extract the contents of the patch archive to a temporary location.
2. Copy the JDBC driver for the database to the root directory of the extracted patch contents.
3. Enter the "bin" directory and start the run script appropriate to the operating system. run.bat for Windows, and run.sh for Solaris or Linux.
4. Under Windows, the default web browser is automatically launched and directed at http://localhost:8888/. On Solaris or Linux, a web browser must be launched from any computer on the network and directed at the installation site manually. The installer listens for HTTP connections on port 8888 of the server the installer is running on.
5. After accessing the installer web UI, select "Update an existing instance" and click "Next".
6. Once the target instance has been selected and the license agreement has been accepted, the patch prerequisite scripts will run. If they are all successful, clicking "Next" will start the upgrade process.

Troubleshooting and Manual Installation
If the installer fails for any reason, installer.log should be backed up to a safe location so that there is no loss of information needed to diagnose the problem and understand the current state of the application. This file should be sent to Aptean Technical Support for review. Manual patch and rollback instructions are available to Aptean technicians to assist in recovery from a failed upgrade.

Download Links

• Please raise a support ticket to get a link for the Service Gateway 5.5.0.0.362 Installer